New MegaUpload service 'Mega' joins The Pirate Bay in the cloud

We reported just yesterday that The Pirate Bay had moved its servers into the cloud, in an attempt to raid-proof the service. It's now the turn of MegaUpload founder, Kim Dotcom, who has announced the new replacement service 'Mega', which is to come with a similar twist.

The new service will, much like TPB, distribute files in multiple countries, however will go a step further, ultimately opening-up so that anyone can contribute a server to the network. The real trick to Mega's strategy is that before users upload a file, it'll be pre-encrypted with a custom software tool and, the key generated from this encryption will be the only way to access the file's content, a key which Mega will not retain.

The idea is, that if Mega doesn't know what's on its servers, how could it be liable? If third parties were to join the network, where responsibility rests would become further convoluted. Many countries, including the UK, don't currently hold hosts responsible for encrypted user content and ISPs are generally happy too as the content of traffic is unsnoopable, keeping liability away from themselves.

The argument could be made that Mega is hosting illegal content and that it can be discovered on the internet, however, placing encryption keys in the hands of the uploader is synonymous with passing the legal baton. A user must make an active decision to share a key and, as sharing will not take place on Mega's own website, there would be no responsibility for Mega to police the service beyond good old-fashion DMCA take-down requests, a tool which to use, requires consent from copyright owners to not hold Mega responsible.

There's some clear up and downsides to consider with this new service:

Legal responsibility is passed onto the user with no promise of anonymity following a DMCA request.

It'll be important not to lose keys to online backups and important files.

Data will be encrypted, even to the host.

Data will be distributed on multiple servers.

Service is immune to the sudden outage seen by MegaUpload.

At the most basic level, Mega will offer the same service as MegaUpload, whilst being immune to sudden seizure or loss of service through legal and physical strengthening. DMCAs will still take place but on the scale originally observed a year or two ago. Less obvious is the clear finger-pointing at users who upload content, which could lead to more responsible file-sharing or, alternatively, a lot of fake accounts and re-routed internet connections.

Login with Forum Account

Sounds pretty good actually, and not just from the point of view of sharing warez. It remains to be seen just how difficult to crack the encryption will be: I can imagine people adding servers to the Mega for the purpose of collecting files for offline decryption. With proper encryption this would be a hopeless endeavor of course, but, as I say, the encryption has to be <i>proper</i>.

Well hopefully this will not be good for sharing illegal stuff, but putting the liability onto the uploader is a good thing, and I guess anyone in possession of an encryption key would have to have had it provided by the uploader, so possibly complicit.

The liability needs to be on the the uploader and the downloader UNLESS the host knowingly allows something illegal to be shared.

A simple too would be not allowing filenames with obvious pirate groups names in them, or key words.

Encryption only helps up to a point… many warez groups will upload something and then share out the encryption key. The authorities just have to download it use the key, check it's warez and then prosecute the uploader and/or downloader…

Anyway, the governments will just tighten the law (which is a good thing) to deal with this…